Last Updated: July 2026
We take the security of your information seriously. Our platform uses industry-standard security measures to protect your data across our website and mobile apps.
Our free document tools, including the will builder and Transfer-on-Death deed forms, process your information entirely within your browser. Your form entries and generated documents are never transmitted to or stored on SimplyTrust servers. We cannot access, recover, or retrieve documents created through these tools. This applies to the free document tools only; our paid settlement plans store your plan on our servers, as described below.
Our paid Estate Settlement Plan and Trust Settlement Plan store your plan on our servers so it persists across visits and devices. Plan data is encrypted in transit with TLS and stored in Neon, a managed PostgreSQL platform with encryption at rest.
A settlement plan is accessed through a private link instead of an account. We store only a one-way cryptographic hash of your link — the link itself cannot be read from or reconstructed out of our database. If you lose your link, requesting a new one invalidates the old one. Read-only share links you create for family members work the same way: only hashes are stored, each link can be disabled individually, and share links cannot edit the plan.
If you enter the decedent's Social Security number, it receives additional protection beyond the rest of the plan: it is encrypted with AES-256-GCM using a dedicated key, stored separately from other plan data, and excluded from revision history and read-only share views. Only the last four digits are displayed back to you; the full value is used solely to fill forms you open from your plan.
Files you upload to a plan are stored in a private storage area that is not publicly addressable and is separate from our public media storage. Uploaded documents are reachable only through your plan link, are not included in read-only share views, and are stored and returned as-is — we do not open, parse, or analyze their contents.
We use phone-based authentication powered by Stytch. When you sign in, you receive a one-time verification code via SMS. This eliminates the need for passwords and protects against common password-based attacks.
All data transmitted between your device and our servers is encrypted using TLS 1.3. Your trust documents, contact information, and personal data are stored in Supabase, a SOC 2 Type II compliant database platform with encryption at rest and row-level security.
Our iOS and Android apps are built with Flutter and follow platform security best practices. Authentication tokens are stored securely using platform-native secure storage, and all network communication is encrypted.
In-app payments are processed through Apple's App Store and Google Play Store, which handle all payment information securely. Your payment details never touch our servers.
We use trusted third-party services to operate our platform:
Each of these providers maintains their own security certifications and compliance standards.
We respect your privacy and handle your data according to our Privacy Policy. You have the right to access, correct, or delete your personal information at any time.
To help protect your account:
If you have security concerns or discover a vulnerability, please contact us:
SimplyTrust Software Inc.
Security: security@simplytrust.com
General Inquiries: hello@simplytrust.com
Website: simplytrust.com